Bugtraq mailing list archives
Re: Sql Injection and Path Disclosoure Wordpress v2.0.5
From: "Paul Robertson" <compuwar () gmail com>
Date: Thu, 7 Sep 2006 11:30:45 -0400
On 6 Sep 2006 17:26:18 -0000, vannovax () gmail com <vannovax () gmail com> wrote:
Version Afected: v2.0.5 - v2.0.2 For Version v2.0.2 index.php?paged=-25633&header.php?=-id
Isn't this the exact same bug reported on Bugtraq in early July by zero in 2.0.3?
For Version v2.0.5 index.php?paged=/archive/-1-5-2-Create%20Table
The Wordpress folks tell me there isn't a version 2.0.5, 2.0.4 is the latest release and the subversion code isn't numbered that way. Is it possible the OP got the version string wrong? Thanks, Paul -- fora.compuwar.net
Current thread:
- Sql Injection and Path Disclosoure Wordpress v2.0.5 vannovax (Sep 06)
- Re: Sql Injection and Path Disclosoure Wordpress v2.0.5 Paul Robertson (Sep 07)
- <Possible follow-ups>
- Re: Re: Sql Injection and Path Disclosoure Wordpress v2.0.5 vanovax (Sep 08)
- Re: Re: Sql Injection and Path Disclosoure Wordpress v2.0.5 Paul Robertson (Sep 11)